mirror of
https://gitlab.torproject.org/tpo/core/tor.git
synced 2024-11-28 06:13:31 +01:00
Merge branch 'maint-0.3.1'
This commit is contained in:
commit
3aba8490ba
9
changes/bug22349
Normal file
9
changes/bug22349
Normal file
@ -0,0 +1,9 @@
|
|||||||
|
o Minor bugfixes (directory authority):
|
||||||
|
- When a directory authority rejects a descriptor or extrainfo with
|
||||||
|
a given digest, mark that digest as undownloadable, so that we
|
||||||
|
do not attempt to download it again over and over. We previously
|
||||||
|
tried to avoid downloading such descriptors by other means, but
|
||||||
|
we didn't notice if we accidentally downloaded one anyway. This
|
||||||
|
behavior became problematic in 0.2.7.2-alpha, when authorities
|
||||||
|
began pinning Ed25519 keys. Fixes ticket
|
||||||
|
22349; bugfix on 0.2.1.19-alpha.
|
@ -676,8 +676,8 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
|
|||||||
control_event_or_authdir_new_descriptor("REJECTED",
|
control_event_or_authdir_new_descriptor("REJECTED",
|
||||||
ri->cache_info.signed_descriptor_body,
|
ri->cache_info.signed_descriptor_body,
|
||||||
desclen, *msg);
|
desclen, *msg);
|
||||||
routerinfo_free(ri);
|
r = ROUTER_AUTHDIR_REJECTS;
|
||||||
return ROUTER_AUTHDIR_REJECTS;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Check whether this descriptor is semantically identical to the last one
|
/* Check whether this descriptor is semantically identical to the last one
|
||||||
@ -697,8 +697,8 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
|
|||||||
control_event_or_authdir_new_descriptor("DROPPED",
|
control_event_or_authdir_new_descriptor("DROPPED",
|
||||||
ri->cache_info.signed_descriptor_body,
|
ri->cache_info.signed_descriptor_body,
|
||||||
desclen, *msg);
|
desclen, *msg);
|
||||||
routerinfo_free(ri);
|
r = ROUTER_IS_ALREADY_KNOWN;
|
||||||
return ROUTER_IS_ALREADY_KNOWN;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Do keypinning again ... this time, to add the pin if appropriate */
|
/* Do keypinning again ... this time, to add the pin if appropriate */
|
||||||
@ -733,8 +733,8 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
|
|||||||
"its key did not match an older RSA/Ed25519 keypair",
|
"its key did not match an older RSA/Ed25519 keypair",
|
||||||
router_describe(ri), source);
|
router_describe(ri), source);
|
||||||
*msg = "Looks like your keypair does not match its older value.";
|
*msg = "Looks like your keypair does not match its older value.";
|
||||||
routerinfo_free(ri);
|
r = ROUTER_AUTHDIR_REJECTS;
|
||||||
return ROUTER_AUTHDIR_REJECTS;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* Make a copy of desc, since router_add_to_routerlist might free
|
/* Make a copy of desc, since router_add_to_routerlist might free
|
||||||
@ -772,6 +772,20 @@ dirserv_add_descriptor(routerinfo_t *ri, const char **msg, const char *source)
|
|||||||
tor_free(desc);
|
tor_free(desc);
|
||||||
tor_free(nickname);
|
tor_free(nickname);
|
||||||
return r;
|
return r;
|
||||||
|
fail:
|
||||||
|
{
|
||||||
|
const char *desc_digest = ri->cache_info.signed_descriptor_digest;
|
||||||
|
download_status_t *dls =
|
||||||
|
router_get_dl_status_by_descriptor_digest(desc_digest);
|
||||||
|
if (dls) {
|
||||||
|
log_info(LD_GENERAL, "Marking router with descriptor %s as rejected, "
|
||||||
|
"and therefore undownloadable",
|
||||||
|
hex_str(desc_digest, DIGEST_LEN));
|
||||||
|
download_status_mark_impossible(dls);
|
||||||
|
}
|
||||||
|
routerinfo_free(ri);
|
||||||
|
}
|
||||||
|
return r;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** As dirserv_add_descriptor, but for an extrainfo_t <b>ei</b>. */
|
/** As dirserv_add_descriptor, but for an extrainfo_t <b>ei</b>. */
|
||||||
@ -780,6 +794,7 @@ dirserv_add_extrainfo(extrainfo_t *ei, const char **msg)
|
|||||||
{
|
{
|
||||||
routerinfo_t *ri;
|
routerinfo_t *ri;
|
||||||
int r;
|
int r;
|
||||||
|
was_router_added_t rv;
|
||||||
tor_assert(msg);
|
tor_assert(msg);
|
||||||
*msg = NULL;
|
*msg = NULL;
|
||||||
|
|
||||||
@ -788,8 +803,8 @@ dirserv_add_extrainfo(extrainfo_t *ei, const char **msg)
|
|||||||
ri = router_get_mutable_by_digest(ei->cache_info.identity_digest);
|
ri = router_get_mutable_by_digest(ei->cache_info.identity_digest);
|
||||||
if (!ri) {
|
if (!ri) {
|
||||||
*msg = "No corresponding router descriptor for extra-info descriptor";
|
*msg = "No corresponding router descriptor for extra-info descriptor";
|
||||||
extrainfo_free(ei);
|
rv = ROUTER_BAD_EI;
|
||||||
return ROUTER_BAD_EI;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
/* If it's too big, refuse it now. Otherwise we'll cache it all over the
|
/* If it's too big, refuse it now. Otherwise we'll cache it all over the
|
||||||
@ -801,17 +816,34 @@ dirserv_add_extrainfo(extrainfo_t *ei, const char **msg)
|
|||||||
(int)ei->cache_info.signed_descriptor_len,
|
(int)ei->cache_info.signed_descriptor_len,
|
||||||
MAX_EXTRAINFO_UPLOAD_SIZE);
|
MAX_EXTRAINFO_UPLOAD_SIZE);
|
||||||
*msg = "Extrainfo document was too large";
|
*msg = "Extrainfo document was too large";
|
||||||
extrainfo_free(ei);
|
rv = ROUTER_BAD_EI;
|
||||||
return ROUTER_BAD_EI;
|
goto fail;
|
||||||
}
|
}
|
||||||
|
|
||||||
if ((r = routerinfo_incompatible_with_extrainfo(ri->identity_pkey, ei,
|
if ((r = routerinfo_incompatible_with_extrainfo(ri->identity_pkey, ei,
|
||||||
&ri->cache_info, msg))) {
|
&ri->cache_info, msg))) {
|
||||||
extrainfo_free(ei);
|
if (r<0) {
|
||||||
return r < 0 ? ROUTER_IS_ALREADY_KNOWN : ROUTER_BAD_EI;
|
extrainfo_free(ei);
|
||||||
|
return ROUTER_IS_ALREADY_KNOWN;
|
||||||
|
}
|
||||||
|
rv = ROUTER_BAD_EI;
|
||||||
|
goto fail;
|
||||||
}
|
}
|
||||||
router_add_extrainfo_to_routerlist(ei, msg, 0, 0);
|
router_add_extrainfo_to_routerlist(ei, msg, 0, 0);
|
||||||
return ROUTER_ADDED_SUCCESSFULLY;
|
return ROUTER_ADDED_SUCCESSFULLY;
|
||||||
|
fail:
|
||||||
|
{
|
||||||
|
const char *d = ei->cache_info.signed_descriptor_digest;
|
||||||
|
signed_descriptor_t *sd = router_get_by_extrainfo_digest((char*)d);
|
||||||
|
if (sd) {
|
||||||
|
log_info(LD_GENERAL, "Marking extrainfo with descriptor %s as "
|
||||||
|
"rejected, and therefore undownloadable",
|
||||||
|
hex_str((char*)d,DIGEST_LEN));
|
||||||
|
download_status_mark_impossible(&sd->ei_dl_status);
|
||||||
|
}
|
||||||
|
extrainfo_free(ei);
|
||||||
|
}
|
||||||
|
return rv;
|
||||||
}
|
}
|
||||||
|
|
||||||
/** Remove all descriptors whose nicknames or fingerprints no longer
|
/** Remove all descriptors whose nicknames or fingerprints no longer
|
||||||
|
Loading…
Reference in New Issue
Block a user